Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

145,558 advisories

Loading
Calibre Web and Autocaliweb have OS Command Injection vulnerability Moderate
CVE-2025-7404 was published for calibreweb (pip) Jul 24, 2025
gelbphoenix
Credited to gelbphoenix
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The... Moderate Unreviewed
CVE-2025-51085 was published Jul 24, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo... Moderate Unreviewed
CVE-2025-51089 was published Jul 24, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The... Moderate Unreviewed
CVE-2025-51088 was published Jul 24, 2025
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned... Moderate Unreviewed
CVE-2025-45731 was published Jul 24, 2025
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform... Moderate Unreviewed
CVE-2025-51082 was published Jul 24, 2025
SoftPerfect Pty Ltd Connection Quality Monitor v1.1 was discovered to store all credentials in... Moderate Unreviewed
CVE-2025-45702 was published Jul 24, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46993 was published Jul 24, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-47061 was published Jul 24, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46996 was published Jul 24, 2025
The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free... Moderate Unreviewed
CVE-2025-8058 was published Jul 23, 2025
Redis through 7.4.3 allows memory consumption via a multi-bulk command composed of many bulks,... Moderate Unreviewed
CVE-2025-46686 was published Jul 23, 2025
A URL redirection in lbry-desktop v0.53.9 allows attackers to redirect victim users to attacker... Moderate Unreviewed
CVE-2025-50477 was published Jul 23, 2025
A URL redirection in Pinokio v3.6.23 allows attackers to redirect victim users to attacker... Moderate Unreviewed
CVE-2025-44109 was published Jul 23, 2025
vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist... Moderate Unreviewed
CVE-2025-46171 was published Jul 23, 2025
Mezzanine CMS vulnerable to Cross-site Scripting Moderate
CVE-2025-50481 was published for Mezzanine (pip) Jul 23, 2025
Possible ORM Leak Vulnerability in the Harbor Moderate
CVE-2025-30086 was published for github.com/goharbor/harbor (Go) Jul 23, 2025
A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface,... Moderate Unreviewed
CVE-2025-40598 was published Jul 23, 2025
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information... Moderate Unreviewed
CVE-2025-33020 was published Jul 23, 2025
A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as ... Moderate Unreviewed
CVE-2025-54090 was published Jul 23, 2025
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 GUI is affected by cross-site WebSocket hijacking... Moderate Unreviewed
CVE-2025-36116 was published Jul 23, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-4411 was published Jul 23, 2025
IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could... Moderate Unreviewed
CVE-2025-36117 was published Jul 23, 2025
Harbor repository description page has Cross-site Scripting vulnerability Moderate
CVE-2025-32019 was published for github.com/goharbor/harbor (Go) Jul 23, 2025
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2... Moderate Unreviewed
CVE-2024-41751 was published Jul 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database